locked
How to authenticate user using Azure API Management REST API call RRS feed

  • Question

  • I have created some API in API management and using it thrugh REST API of API management. and created an Azure User also through REST API.

    If that user comes back in my Application, how do I authenticate him using Azure API Management REST API call.

    Monday, July 17, 2017 2:41 PM

All replies

  • The Request to the API Management REST API must be accompanied by an authorization header containing a valid shared access token.

    Check the below link for more information on Azure API Management REST API Authentication.

    https://docs.microsoft.com/en-us/rest/api/apimanagement/apimanagementrest/azure-api-management-rest-api-authentication

    Also, check the below link for more information

    https://docs.microsoft.com/en-us/rest/api/apimanagement/apimanagementrest/api-management-rest#Authentication

    ------------------------------------------------------------------------------------------------------------------

    Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members.

    • Proposed as answer by Sheethal J S Tuesday, July 18, 2017 6:17 AM
    Tuesday, July 18, 2017 4:09 AM
  • Thanks, I have gone through the links. However all the links says, you need to use developer portal. However my requirement is that, I don't want to use azure developer portal, I have my own custom application, but still want user to be authenticate using Azure API management (might be through API management REST API interface). Is it possible?
    Tuesday, July 18, 2017 9:12 AM
  • Hello Rishi,

    Since you have your own application it's up to you how you authenticate users.

    To help you better, could you please explain what kind of application you have (ASP.NET, NodeJS Express, SPA or something else) and your user scenarios.

    Wednesday, July 19, 2017 5:12 AM
  • These are the steps I am following.

    1) I have an ASP.Net MVC application. Whenever any user comes to our site, we are asking him to register and provide all required information like email, fname, lname, password and then we are using Azure API Management REST api call to create user in Azure API management.

    2) If same user comes back to our site, we have provision, where he can sign-in. We want to authenticate him using the credentials, he provided during registration and stored in Azure API management under user's account.

    Could you please help, how can I authenticate user using Azure API management (might be REST call)?
    Wednesday, July 19, 2017 5:28 AM
  • Got it.

    Management API does not authenticate users by itself, it just accepts requests that already authenticated. The token it takes is issued only for admins, so it can't be used on per user basis.

    However, your ASP.NET app runs on server, so you can safely store the token in its configuration. Therefore, you can implement your own signup and authentication mechanism and use our REST API as a user storage (maybe in addition to your own storage, depending on what data you want to collect from your users) and for issuing subscription keys for them.

    Just in case, we also support authentication delegation for our portals, maybe it's something you want to have a look at: https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-setup-delegation.

    Wednesday, July 19, 2017 5:17 PM